Trending Data Privacy Articles: December 2018 Edition on Dec 24, 2018
Cyber-attacks are now a global phenomenon and are expected to not only increase in frequency a but also severity if organizations don’t take stringent steps. Cyber risk is no longer only the concern of online retailers but of every company that connects to the Internet; they all are exposed to rising cyber threats. Hence, to keep our readers abreast with the latest developments in the world of data privacy and security, here is a recap of some of the hottest trending news articles last month.
1. Privacy Campaigners puts Oracle, Equifax on GDPR Radar
Privacy International (PI) in the U.K. has filed complaints of “systematic infringements” of data protection law by seven companies that store customer information. The targets include the data brokers Oracle and Acxiom, advertising technology firms Criteo, Quantcast and Tapad, and the credit reference agencies Equifax and Experian. The complaints are under the EU’s fearsome new privacy law, the General Data Protection Regulation (GDPR,) that potentially means the companies will need to change their ways. This could also mean major fines for them if they are proved to be using people’s data illegally. Acxiom claims to have data on about 700 million people globally but the question is from where this data was sourced and what it includes.
Data brokers collect personal information from various sources and subsequently sell these information bundles to social networks or brands. Consumers don’t hand their data directly to these brands but social networks often allow the data trading to operate in anonymity. Well, both Experian and Equifax have suffered major data breaches in the past which puts these companies on the radar of Privacy Campaigners.
2. FCA: Cyber Resilience Top Concern for Financial Firms
Britain’s financial watchdog, “Financial Conduct Authority”, has warned about the rapid rise of IT failures and cyber-attacks at banks are set to continue. FCA revealed that firms recently reported a 138% increase in technology outrages to the regulator and an 18% increase in cyber incidents.
FCA review was aimed to assess how wholesale banking and asset management firms oversee and manage their cybersecurity, how far they identify and mitigate relevant risks and their current capability to respond to and recover from incidents and successful attacks. All the firms acknowledged the importance of strong cybersecurity.
The data was compiled from an FCA survey on tech and cyber resilience that involved nearly 300 firms and was completed between 2017 and 2018. Nevertheless, FCA warned the financial sector firms of their obligation to transparency, claiming they have evidence of under-reporting. FCA is still in discussion with companies over 186 cases where the root cause of a cyber-incidents still hasn’t been revealed.
This is an extremely business-critical moment, given the evolving threat landscape punctuated by worldwide cyber threats. It is important that financial sector firms have cyber security and IT experts on speed dial, as well as have robust business continuity plans along with standardized procedures if any attack takes place.
Source: Infosecurity Magazine
3. Data Assets at Risk from IT Security because of Misevaluation
IT groups often overestimate or underestimate the true worth of their data assets, making it harder to prioritize the controls. The Ponemon Institute recently conducted a survey on behalf of document security vendor “DocAuthority”. About 2,820 professionals from seven different functional areas, namely legal, IT security, market, IT, product and manufacturing, finance and accounting, and human resources were told to value 36 different information types on a per record basis. The information included source code, research and development documents, merger and acquisition data, customer records, as well as personally identifiable information.
The results showcased IT departments overestimating the value of certain information types, such as PII, whilst grossly underestimating the value of other information, such as financial reports and R&D data. On an average, IT security departments tended to be as much as 50% off the true value of data assets as supposed by the data owners.
As IT security departments undervalue these assets, they also underestimate the safeguards that must be used in order to protect the business assets, thus increasing their security risk. For a better secure environment, having the right infrastructure and systems in place to facilitate a quick recovery is vital.
Source: Global Security Mag
4. In a strategic alliance, Cisco will train 120K Police Officers in Cyber Security
Cisco in a strategic move is associating with U.K. police forces to help train their 120,000 officers in cybersecurity. This move will help police officers increase their knowledge about cyber security to help them deal with all the challenges it brings. This partnership between the National Police Chiefs’ Council and Cisco’s Networking Academy also marks the first anniversary of Cisco’s digital skills manifesto in the United Kingdom.
The partnership shows Cisco’s expertise not only in cybersecurity but also in running accessible and scalable skills programs for all levels of experience globally. The training would be facilitated for officers across England, Scotland, Wales and Northern Ireland.
With this positive news, it can be concluded that police forces enabled with a better understanding of cybersecurity would take better measures to curb cyber threats. If this program by Cisco results in better support for victims, it can be inferred that the program has been a success.
Dataguise, a leader in the data privacy and security space for over a decade, is committed bringing you the latest trending stories and articles. We hope you find our monthly recap useful, and if you’d like to learn more about how Dataguise helps enterprises worldwide locate, identify, protect, and monitor the privacy of their sensitive personal data, contact us any time for more information or to setup a free product demo.